Active semi-supervised approach for checking app behavior against its description
Mobile applications are popular in recent years. They are often allowed to access and modify users' sensitive data. However, many mobile applications are malwares that inappropriately use these sensitive data. To detect these malwares, Gorla et al. Propose CHABADA which compares app behaviors a...
Saved in:
| Main Authors: | , , , , |
|---|---|
| Format: | text |
| Language: | English |
| Published: |
Institutional Knowledge at Singapore Management University
2015
|
| Subjects: | |
| Online Access: | https://ink.library.smu.edu.sg/sis_research/2885 https://ink.library.smu.edu.sg/context/sis_research/article/3885/viewcontent/compsac15_malware.pdf |
| Tags: |
Add Tag
No Tags, Be the first to tag this record!
|
| Institution: | Singapore Management University |
| Language: | English |
| id |
sg-smu-ink.sis_research-3885 |
|---|---|
| record_format |
dspace |
| spelling |
sg-smu-ink.sis_research-38852024-05-31T06:49:39Z Active semi-supervised approach for checking app behavior against its description MA SIQI, WANG, Shaowei David LO, DENG, Robert H., SUN, Cong Mobile applications are popular in recent years. They are often allowed to access and modify users' sensitive data. However, many mobile applications are malwares that inappropriately use these sensitive data. To detect these malwares, Gorla et al. Propose CHABADA which compares app behaviors against its descriptions. Data about known malwares are not used in their work, which limits its effectiveness. In this work, we extend the work by Gorla et al. By proposing an active and semi-supervised approach for detecting malwares. Different from CHABADA, our approach will make use of both known benign and malicious apps to predict other malicious apps. Also, our approach will select a good set of apps for experts to label as malicious or benign to form a set of labeled training data -- it is an active approach. Furthermore, it will make use of both labeled data (known malicious or benign apps) and unlabeled data (unknown apps) -- it is a semi-supervised approach. We have evaluated our approach by using a set of 22,555 Android apps. Our approach achieves a good performance in detecting malicious apps with a precision of 99.82%, recall of 92.50%, and F-measure of 96.02%. Our approach improves CHABADA by 365.8%, 64.8%, 209.6% in terms of precision, recall, and F-measure. 2015-07-01T07:00:00Z text application/pdf https://ink.library.smu.edu.sg/sis_research/2885 info:doi/10.1109/COMPSAC.2015.93 https://ink.library.smu.edu.sg/context/sis_research/article/3885/viewcontent/compsac15_malware.pdf http://creativecommons.org/licenses/by-nc-nd/4.0/ Research Collection School Of Computing and Information Systems eng Institutional Knowledge at Singapore Management University App Mining Malware Detection Deviant Behavior Detection Text Mining Classification Computer Sciences Information Security Software Engineering |
| institution |
Singapore Management University |
| building |
SMU Libraries |
| continent |
Asia |
| country |
Singapore Singapore |
| content_provider |
SMU Libraries |
| collection |
InK@SMU |
| language |
English |
| topic |
App Mining Malware Detection Deviant Behavior Detection Text Mining Classification Computer Sciences Information Security Software Engineering |
| spellingShingle |
App Mining Malware Detection Deviant Behavior Detection Text Mining Classification Computer Sciences Information Security Software Engineering MA SIQI, WANG, Shaowei David LO, DENG, Robert H., SUN, Cong Active semi-supervised approach for checking app behavior against its description |
| description |
Mobile applications are popular in recent years. They are often allowed to access and modify users' sensitive data. However, many mobile applications are malwares that inappropriately use these sensitive data. To detect these malwares, Gorla et al. Propose CHABADA which compares app behaviors against its descriptions. Data about known malwares are not used in their work, which limits its effectiveness. In this work, we extend the work by Gorla et al. By proposing an active and semi-supervised approach for detecting malwares. Different from CHABADA, our approach will make use of both known benign and malicious apps to predict other malicious apps. Also, our approach will select a good set of apps for experts to label as malicious or benign to form a set of labeled training data -- it is an active approach. Furthermore, it will make use of both labeled data (known malicious or benign apps) and unlabeled data (unknown apps) -- it is a semi-supervised approach. We have evaluated our approach by using a set of 22,555 Android apps. Our approach achieves a good performance in detecting malicious apps with a precision of 99.82%, recall of 92.50%, and F-measure of 96.02%. Our approach improves CHABADA by 365.8%, 64.8%, 209.6% in terms of precision, recall, and F-measure. |
| format |
text |
| author |
MA SIQI, WANG, Shaowei David LO, DENG, Robert H., SUN, Cong |
| author_facet |
MA SIQI, WANG, Shaowei David LO, DENG, Robert H., SUN, Cong |
| author_sort |
MA SIQI, |
| title |
Active semi-supervised approach for checking app behavior against its description |
| title_short |
Active semi-supervised approach for checking app behavior against its description |
| title_full |
Active semi-supervised approach for checking app behavior against its description |
| title_fullStr |
Active semi-supervised approach for checking app behavior against its description |
| title_full_unstemmed |
Active semi-supervised approach for checking app behavior against its description |
| title_sort |
active semi-supervised approach for checking app behavior against its description |
| publisher |
Institutional Knowledge at Singapore Management University |
| publishDate |
2015 |
| url |
https://ink.library.smu.edu.sg/sis_research/2885 https://ink.library.smu.edu.sg/context/sis_research/article/3885/viewcontent/compsac15_malware.pdf |
| _version_ |
1814047553677688832 |